We maintain an SFTP server to provide an upload option for files that are too large to attach to Support tickets and for customers who cannot use third-party file-sharing services. You can upload the output of the support script directly from Puppet Enterprise to our SFTP server.
This article describes:
Version and installation information
PE version: 2018.1.8 and later 2018.1, 2019.0.3 and later
Solution
Files that you upload are read-only and accessible only by our Support team. We'll automatically delete the files after seven days. If you need them deleted at a different time, let us know.
Before you begin, you need an active Support ticket number.
To run the script and upload the output using default credentials, run the following:
puppet enterprise support --v3 --ticket <TICKET NUMBER> --upload
For example,
puppet enterprise support --v3 --ticket 12345 --upload
To specify your own credentials, run the following:
puppet enterprise support --v3 --ticket <TICKET NUMBER> --upload --upload-user <USER NAME> --upload-key <PATH SSH PUBLIC KEY>
For example:
puppet enterprise support --v3 --ticket 12345 --upload --upload-user adalovelace@example.com --upload-key ~/.ssh/id_rsa_pe.pub
Uploading the output of the support script and other files manually
If you are airgapped, or can't upload using the steps above let us know. We can send you credentials and information about the SFTP server so that you can manually upload the support script tarball and other files.
- Log into the server with your credentials.
- On the server, put the files into the
dropfolder.
Our SFTP server
Our SFTP server is available at customer-support.puppetlabs.net and has the following SSH host fingerprints:
# SHA256 hashes SHA256:FBe09SAyXBiLrWyHgrc7GrLR+hK0sB23VUjELt89Gjg (RSA) SHA256:elWbA2dwlXKLd4q43SfFbSp1Dw2FnbLFufsJ4ITn5TU (ECDSA) SHA256:3fBFrK3hOAYrAXLHnPTvOFUUsNtAYaSxX3l59RBt3dY (ED25519) # MD5 hexadecimal hashes MD5:7e:83:fa:91:4d:e0:1a:fb:04:8f:c5:cb:83:15:b3:b9 (RSA) MD5:1a:6e:f3:d0:de:14:2b:7c:00:0f:c6:69:14:b9:3e:64 (ECDSA) MD5:bf:5c:3d:e1:61:1e:e4:da:57:9e:2c:73:d3:4f:ed:26 (ED25519)
Changelog
Regular maintenance of SFTP servers occasionally includes upgrading to newer operating system versions or hardware. In these cases, host fingerprints of the servers will change. Most SFTP software will react to a change in the host fingerprint by failing the connection with a warning. For example, OpenSSH prints the following:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:elWbA2dwlXKLd4q43SfFbSp1Dw2FnbLFufsJ4ITn5TU.
This section records the dates at which SFTP fingerprints changed so that users can verify updates.
-
2018-12-07: The host fingerprints for customer-support.puppetlabs.net were changed.
Comments
4 comments
Hi,
I am getting this error:
Alex Mesfin
Hi, it looks like you're getting help already, I've let those folks know that you've left a comment here. If we can make improvements to the article based on your experience, we will do it.
Hi Alex,
The most common explanation for that error is that your PE version is older than the --upload feature. This flag was added to the LTS in 2018.1.8 and to the STS in 2019.0.3.
Older PE versions will produce the "invalid option" error that you are seeing.
how to upload only, or how to run the same with behind proxy (with http_proxy) without the proxy config altering the support commands ?
```
cat myFile.json | ssh root@remoteSftpServer -o "ProxyCommand=nc.openbsd -X connect -x proxyhost:proxyport %h %p" 'cat > myFile.json'
```
Please sign in to leave a comment.